Commit 487e5f45 authored by Sergei Golubchik's avatar Sergei Golubchik

file_key_management plugin: complain if key id 1 is not found

and don't recommend aes_ctr if it's unavailable
parent 432b78c9
...@@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options") ...@@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management'; where plugin_name = 'file_key_management';
plugin_status plugin_status
install soname 'file_key_management';
ERROR HY000: System key id 1 is missing at MYSQL_TMP_DIR/keys.txt line 1, column 1
call mtr.add_suppression("Syntax error");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND /Syntax error/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
call mtr.add_suppression("System key id 1");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND /System key id 1/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
...@@ -94,3 +94,16 @@ install soname 'file_key_management'; ...@@ -94,3 +94,16 @@ install soname 'file_key_management';
source filekeys_badtest.inc; source filekeys_badtest.inc;
let SEARCH_PATTERN=Syntax error; let SEARCH_PATTERN=Syntax error;
source filekeys_badtest.inc; source filekeys_badtest.inc;
#
# no key id 1
#
remove_file $MYSQL_TMP_DIR/keys.txt;
write_file $MYSQL_TMP_DIR/keys.txt;
3;22222222222222222222222222222222
EOF
--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR
--error 2
install soname 'file_key_management';
source filekeys_badtest.inc;
let SEARCH_PATTERN=System key id 1;
source filekeys_badtest.inc;
...@@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey, ...@@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey,
"Key to encrypt / decrypt the keyfile.", "Key to encrypt / decrypt the keyfile.",
NULL, NULL, ""); NULL, NULL, "");
#ifdef HAVE_EncryptAes128Ctr
#define recommendation ", aes_ctr is the recommended one"
#else
#define recommendation ""
#endif
static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm, static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm,
PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY, PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
"Encryption algorithm to use, aes_ctr is the recommended one.", "Encryption algorithm to use" recommendation ".",
NULL, NULL, 0, &encryption_algorithm_typelib); NULL, NULL, 0, &encryption_algorithm_typelib);
static struct st_mysql_sys_var* settings[] = { static struct st_mysql_sys_var* settings[] = {
......
...@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret) ...@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
} }
keys->sort(sort_keys); keys->sort(sort_keys);
my_free(buffer); my_free(buffer);
if (keys->at(0).id != 1)
{
report_error("System key id 1 is missing", 0);
return 1;
}
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment